CryptoHow to fix: Could not Initialize Class Javax Crypto Jcesecurity

How to fix: Could not Initialize Class Javax Crypto Jcesecurity

The issue is that after you have installed and enabled Premium and Performance Encryption products, either at the start in AR System Server or during the initial connection to the Remedy Client, it is possible that you could encounter the following error message:

ERROR (9010): The encryption library was not found and cannot be loaded; it Could not initialize class javax.crypto.JceSecurity, 5060,

The message is split into two distinct parts, separated by a semi-colon.

This is the first error message. The message is indicating a remedy error 9010. This is a common error that either the code required to decrypt and encrypt data is missing from the system, or the code cannot be loaded.

The second section of this message is very detailed and explains the issue. This KA focuses only on issues. ‘javax.crypto.JceSecurity’ is the second section of error, that is class could not initialize.

This issue is directly related to two Oracle files that BMC packs with its Security Premium and Performance solutions. Two of these files are accountable, at least in part, for encryption of data that is used when using the Premium and Performance encryption.

This typically occurs when you use an older version of AR Server and encryption (for instance, 9.1.03) and a more recent version of Java 8 (for example, Java 8 SE Update 251).

In this instance, Remedy 9.1.03 products were launched in June 2017, at the time that Java SE 8 Update 131 was the most current version available. Since then, Java has made several modifications which include this modification to the class we defined in our error message, which makes Java SE 8 Update 251 not compatible with the code used within our encrypted installer.

The reason for the error:

A specific technical error has been identified, but only if it can aid the reader in determining whether the article is applicable.

It is important to note that the local_policy.jar and US_export_policy.jar included in the encryption software are not compatible with the Version version installed in Java.

Symptom of error:

  • Error: “Java.lang.NoClassDefFoundError: javax/crypto/JceSecurity” creating OLAP connection in CMC
  • “Failed to get connections, for connection [] using session locale []”

Fixing errors:

This article might contain information that doesn’t pertain only to versions 21.05 or later, running in a container-based environment. To address this issue, Administrators will have to manually replace the two files following the Remedy Premium and Performance encryption installation. The ones supplied by Oracle:

  • $JAVA_HOME/lib/security/local_policy.jar
  • $JAVA_HOME/lib/security/US_export_policy.jar

You can download the replacement files on Oracle’s download website:

Fixing Errors if Jar File is not present:

Verify you have the following JAR files are present within your JRE

  • JRE/lib/security/local_policy.jar
  • JRE/lib/security/US_export_policy.jar

The New Features New Security property to regulate crypto policy’s:

There is a brand new feature in this release in which the newly added Security property controls the JCE jurisdiction policy files that the JDK uses. In old versions, JCE jurisdiction files had to be installed. The JCE jurisdiction files were downloaded separately to permit an unlimited amount of cryptography to be utilized within the JDK. The steps of downloading and installing are no longer required. Instead, to allow unlimited cryptography, you can use the brand new crypto—policy Security feature.

Suppose the new Security property (crypto. policy) is set in Java. The Security file set dynamically by using the Security.setProperty(). It can be call before the JCE framework has been initialized, that setting will be honoured. The property is undefined.

If the old JCE jurisdiction files aren’t present in the directory lib/security for the older JCE and the property is not defined, the default level of cryptography will remain at “limited”. To enable the JDK to use unlimited cryptography, you must set the crypto.policy to the value of “unlimited”. Check out the information within the file that comes with this Versionversion for more details.

For Solaris, you should delete the older SVR4 package before installing the latest JDK updates. If you are doing an SVR4 update based on SVR4 (without removing the old packages) using an earlier JDK version before 6u131, 7,u121, and 8u111 8u111, then you need to change the crypto.policy Security property within the file.

Since the older JCE jurisdiction files remain in /lib/security, they may not comply with the current Security JAR signing standards. They were updated in 6u131, 7u121, 7u111, and subsequent updates.

Reinstalling Java:

Follow the steps below:

  • Remove all previous versions of Java and save only one Version version (preferably the latest Versionversion JDK)
  • If manual entries of the old Java environment path are removed, remove them (e.g.) PATH, JAVA_HOME
  • Make sure to point your IDE (e.g. Eclipse) towards the most recent Version version of JDK
  • Revert to the original jar file in JDK/JRE, if they were modified previously by manual procedures
  • Click on ‘Check for updates Java installation’ on the system or PC

Solving the Error through Maven:

It would be best if you started Maven within the Docker library/openjdk:9 containers. You will resolve it by getting a Java 9 JDK from Oracle at and setting JAVA_HOME. It appears that the two JDK files (mentioned in the other responses) don’t appear in the Docker image.

Get in Touch


Please enter your comment!
Please enter your name here

Related Articles

Latest Posts